Ikea's servers have been infiltrated by hackers, who have used them to send malware.
It’s bad enough when you have to put together a piece of flat pack from
Ikea. All those screws, making sure you have each piece the right way round…then taking it apart again when you realize you’ve made a mistake. It’s made furniture cheaper, but far more stressful.
More recently, though, the company has unwittingly been putting a different kind of stress in peoples’ live, according to a
Vnunet report.
It turns out there was a large hole in its security that gave hackers access to its servers, letting them bulk mail spam and malware from the Ikea address. The incident was discovered by security company
Tier-3.
Given the legitimate address, the spam wouldn’t have been caught by most e-mail filters. Among the malware sent were zero-day Trojans and root kit Trojans.
Geoff Sweeney, CTO at Tier-3, explained,
"Ikea's problems were caused because the contact template on the firm's home page was inadequately secured, allowing hackers to insert alternative email addresses in a contact form. This basically allowed anyone with a little technical knowledge to generate millions of phishing and/or spam messages from Ikea's mail servers using a simple script."
Remarkably, it took Ikea five days to close the hole after they’d been informed about it. Maybe they couldn’t find the Allen wrench.
RSS Feed
Be the first to comment on the article!